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CLAIMS 

1 1 . A method for establishing a communication session on a communication medium 

2 between a first data processing station and a second data processing station having access 

3 to the communication medium, comprising: 

4 receiving at the first station a request from the second station for initiation of a 

5 communication session; 

6 producing dynamic sets of session random symmetric encryption keys at the first 

7 station; and 

8 after receiving said request, executing a plurality of exchanges of encrypted 

9 messages across said communication medium to mutually authenticate the first station 

10 and the second station, and to provide the encryption key to the second station for use in 

1 1 said communication session. 

1 2. The method of claim 1 , wherein during said plurality of exchanges, said first and 

2 second stations use at least two shared secrets, which are shared between the first station 

3 and the second station, or between the first station and a user at the second station, 

4 without exchanging messages carrying said shared secrets via the communication 

5 medium. 

1 3 . The method of claim 1 , including mutual authentication based on at least two 

2 shared secrets, without exchanging messages carrying said shared secrets in any form via 

3 the communication medium. 

1 4. The method of claim 1, wherein said plurality of exchanges comprise interactive 

2 exchanges, said interactive exchanges including a message from the first station to the 

3 second station and a responsive message from the second station to the first station, 

4 where the responsive message comprises information from the message from the first 

5 station derived using information derived from a message in a previous exchange. 
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1 5 . The method of claim 1 , wherein producing an encryption key at the first station 

2 includes: 

3 assigning a session random key in said first station, in response to a request 

4 received by said first station during a session random key initiation interval for use in a 

5 first exchange of said plurality of exchanges; 

6 associating, in said first station, a plurality of intermediate data random keys with 

7 said request for use in said plurality of exchanges; and 

8 wherein said plurality of exchanges includes at least one message carrying an 

9 encrypted version of one of said plurality of intermediate data random keys to be 
10 accepted as said encryption key upon said mutual authentication. 

1 6. The method of claim 1 , wherein producing an encryption key at the first station 

2 includes: 

3 providing a buffer at the first station; 

4 generating keys and storing said keys in the buffer; 

5 associating respective session random key initiation intervals with said keys 

6 stored in said buffer; 

7 using keys from said buffer as session random keys in response to requests 

8 received by said first station during said respective session random key initiation intervals 

9 for use in a first exchange of said plurality of exchanges; 

10 removing keys from said buffer after expiry of the respective session random key 

1 1 lifetime in the buffer. 

1 7. The method of claim 6, wherein said buffer is managed as a circular buffer. 

1 8. The method of claim 6, wherein a session random key lifetime in the buffer for 

2 said plurality of exchanges has a value within which the plurality of exchanges can be 

3 completed in expected circumstances, and said keys are removed from said buffer after a 

4 multiple M times said value of session random key lifetime to engage into establishing a 

5 communication session, where M is less than or equal to 10. 
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9. The method of claim 6, wherein a session random key lifetime in the buffer for 
said plurality of exchanges has a value within which the plurality of exchanges can be 
completed in expected circumstances, and said keys are removed from said buffer after a 
multiple M times said value, and the session random key lifetime to engage into 
establishing a communication session is less than about 90 second 

1 0. The method of claim 1 , wherein producing an encryption key at the first station 
includes: 

assigning, in said first station, a session random key for use within a session 
random key initiation interval in response to requests received by said first station during 
said session random key initiation interval for use in a first exchange of said plurality of 
exchanges; 

associating, in said first station, a plurality of intermediate data random keys with 
said request for use in said plurality of exchanges; 

wherein said plurality of exchanges includes a first message from the first station 
carrying said session random key to the second station, where the second station returns a 
second message carrying a shared parameter, which is shared between the first station 
and the second station, or between the first station and a user at the second station, and 
encrypted using the session random key; and 

decrypting the shared parameter from said second message at the first station. 

1 1 . The method of claim 1 , wherein producing an encryption key at the first station 
includes: 

assigning, in said first station, a session random key for use within a session 
random key initiation interval in response to requests received by said first station during 
said session random key initiation interval for use in a first exchange of said plurality of 
exchanges; 

associating, in said first station, a plurality of intermediate data random keys with 
said request for use in said plurality of exchanges; 
wherein said plurality of exchanges includes 

a first exchange including sending a first message from the first station carrying 
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said session random key to the second station, where the second station 
returns a second message carrying a shared parameter encrypted using the 
session random key, and decrypting the shared parameter at the first 
station to validate the second station, or a user at the second station; and 
a second exchange including sending a further message from the first station to 
the second station, the further message carrying a particular data random 
key from said plurality of intermediate data random keys encrypted using 
the session random key, where the second station returns another message 
carrying a hashed version of said particular data random key encrypted 
using said particular encryption key to the first station, and decrypting said 
hashed version of said particular data random key at the first station using 
said particular data random key. 

12. The method of claim 1, wherein producing an encryption key at the first station 
includes: 

assigning, in said first station, a session random key for use within a session 
random key initiation interval in response to requests received by said first station during 
said session random key initiation interval for use in a first exchange of said plurality of 
exchanges; 

associating, in said first station, a plurality of intermediate data random keys with 
said request for use in said plurality of exchanges; and 

after said request for initiation of a communication session, presenting to the 
second station a user interface along with the session random key, said user interface 
including a prompt for entry of a shared parameter and at least one shared secret. 

1 3 . The method of claim 1 , wherein producing an encryption key at the first station 
includes: 

assigning, in said first station, a session random key for use within a session 
random key initiation interval in response to requests received by said first station during 
said session random key initiation interval for use in a first exchange of said plurality of 
exchanges; 
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associating, in said first station, a plurality of intermediate data random keys with 
said request for use in said plurality of exchanges; and 

after said request for initiation of a communication session, presenting to the 
second station a user interface along with the session random key, said user interface 
including a prompt for entry of a shared parameter and at least two shared secrets. 

1 4. The method of claim 1 , wherein producing an encryption key at the first station 
includes: 

assigning, in said first station, a session random key for use within a session 
random key initiation interval in response to requests received by said first station during 
said session random key initiation interval for use in a first exchange of said plurality of 
exchanges; 

associating, in said first station, a plurality of intermediate data random keys with 
said request for use in said plurality of exchanges; 
wherein said plurality of exchanges includes 

a first exchange including sending a first message from the first station carrying 
said session random key to the second station, where the second station 
returns a second message carrying a shared parameter encrypted using the 
session random key, and decrypting the shared parameter at the first 
station; and 

a second exchange including sending a third message from the first station to the 
second station, the third message carrying a particular data random key 
from said plurality of intermediate data random keys encrypted using the 
session random key, where the second station returns a fourth message 
carrying a hashed version of said particular data random key encrypted 
using said particular data random key to the first station, and decrypting 
said hashed version of said particular data random key at the first station 
using said particular data random key; 

and then executing at least one additional exchange in said plurality of exchanges, 

where 
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25 said at least one additional exchange includes sending an additional message from 

26 the first station to the second station carrying a next data random key from 

27 the plurality of intermediate data random keys associated with said 

28 request, encrypted using a key exchanged during a previously completed 

29 exchange in said plurality of exchanges, where the second station decrypts 

30 said next data random key and returns a responsive message carrying a 

3 1 hashed version of said next data random key encrypted using said next 

32 data random key, and decrypting at the first station said hashed version of 

33 said next data random key using said next data random key. 

1 15. The method of claim 14, including during at least one of said additional 

2 exchanges, 

3 producing said third message by first veiling the particular data random key using 



4 a first conversion array seeded by a first shared secret and encrypting the veiled particular 

5 data random key, where the second station decrypts and unveils said particular data 

6 random key using the first shared secret, and where the second station produces said 

7 fourth message by veiling the hashed version of the particular data random key using a 

8 second conversion array seeded by said first shared secret and encrypting the veiled 

9 hashed version of the next data random key; and 



10 decrypting and unveiling the hashed version of the particular data random key at 

1 1 the first station. 

1 16. The method of claim 14, including executing more than one of said additional 

2 exchanges. 

1 17. The method of claim 14, including during at least one of said additional 

2 exchanges, 

3 producing said additional message by first veiling the next data random key using 

4 a first conversion array seeded by a shared secret and encrypting the veiled next data 

5 random key, where the second station decrypts and unveils said next data random key 

6 using the shared secret, and 
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7 where the second station produces said responsive message by veiling the hashed version 

8 of the next data random key using a second conversion array seeded by said shared secret 

9 and encrypting the veiled hashed version of the next data random key; and 

10 decrypting and unveiling the hashed version of the next data random key at the 

1 1 first station. 

1 18. The method of claim 1 7, where the one of the first and second conversion arrays 

2 comprises X sections, each of said X sections including Y byte positions in an order, and 

3 including 

4 generating one of the first and second conversion arrays using a random number 

5 generator seeded by said shared secret to produce a pseudorandom number having X 

6 values corresponding with respective sections of said X sections, the X values each being 

7 between 1 and Y and identifying one of said Y byte positions, and 

8 placing a byte of said random key in each of said X sections at the one of said Y 

9 byte positions identified by the corresponding one of said X values. 

1 19. The method of claim 17, where the one of the first and second conversion arrays 

2 comprises X sections, each of said X sections including Z bit positions in an order, and 

3 including 

4 generating one of the first and second conversion arrays using a random number 

5 generator seeded by said shared secret to produce a pseudorandom number having X 

6 values corresponding with respective sections of said X sections, the X values each being 

7 between 1 and Z and identifying one of said Z bit positions, and 

8 placing a bit of said random key in each of said X sections at the one of said Z bit 

9 positions identified by the corresponding one of said X values. 

1 20. The method of claim 18, where the one of the first and second conversion arrays 

2 comprises X sections, each of said X sections including Y byte positions in an order, each 

3 of said Y byte positions including B bit positions in an order, and including 

4 generating one of the first and second conversion arrays using a random number 

5 generator seeded by said shared secret to produce a first pseudorandom number having X 
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6 values corresponding with respective sections of said X sections, the X values each being 

7 between 1 and Y and identifying one of said Y byte positions, 

8 using a random number generator seeded by said shared secret to produce a 

9 second pseudorandom number having B values corresponding with respective bits in a 

10 byte of said random key, the B values each being between 1 and B and identifying one of 

1 1 said B bit positions, 

12 placing a byte, including B bits, of said random key in each of said X sections at 

13 the one of said Y byte positions identified by the corresponding one of said X values, and 

14 mapping the B bits of said byte of said random key to said B bit positions 

15 identified by the corresponding one of said B values. 

1 21. The method of claim 1 7, where the one of the first and second conversion arrays 

2 comprises X sections, each of said X sections including Y byte positions in an order, each 

3 of said Y byte positions including B bit positions in an order, and including 

4 generating one of the first and second conversion arrays using a random number 

5 generator seeded by said shared secret to produce a first pseudorandom number having X 

6 values corresponding with respective sections of said X sections, the X values each being 

7 between 1 and Y and identifying one of said Y byte positions, 

8 using a random number generator to produce a second pseudorandom number 

9 having B values corresponding with respective bits in a byte of said random key, the B 

10 values each being between 1 and B and identifying one of said B bit positions, 

1 1 placing a byte, including B bits, of said random key in each of said X sections at 

12 the one of said Y byte positions identified by the corresponding one of said X values, and 

13 mapping the B bits of said byte of said random key to said B bit positions 

14 identified by the corresponding one of said B values. 

1 22. The method of claim 1 7, including upon request for initiation of a communication 

2 session, presenting to the second station a user interface for initiation of an authentication 

3 session including a compiled version of the session random key and parameters for one or 

4 more conversion arrays, said user interface including a prompt for entry of the shared 

5 parameter, and at least said shared secret. 
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1 23. The method of claim 15, including upon request for initiation of a communication 

2 session, presenting to the second station a user interface for initiation of an authentication 

3 session including a compiled version of the session random key and parameters for one or 

4 more conversion arrays, said user interface including a prompt for entry of the shared 

5 parameter, and at least said shared secret. 



1 24. The method of claim 14, including executing a further exchange including 

2 sending a message from the first station to the second station carrying said 

3 encryption key encrypted using a first shared secret to the second station, 

4 where the second station returns a message carrying a hashed version of 

5 said encryption key encrypted using said first shared secret, and 

6 decrypting said encryption key at the first station; 

7 sending a message from the first station to the second station carrying said 

8 encryption key encrypted using a second shared secret, where the second 

9 station decrypts said encryption key, and returns a message to the first 

10 station carrying a hashed version of the encryption key encrypted using 

1 1 said second shared secret. 

1 25. The method of claim 14, including executing a further exchange including 

2 sending a message from the first station to the second station carrying said 

3 encryption key encrypted using a first shared secret to the second station, 

4 where the second station returns a message carrying a hashed version of 

5 said encryption key encrypted using said first shared secret, and 

6 decrypting said encryption key at the first station; 

7 sending a message from the first station to the second station carrying said 

8 encryption key encrypted using a second shared secret, where the second 

9 station decrypts said encryption key, and returns a message to the first 

10 station carrying a hashed version of the encryption key encrypted using 

1 1 said second shared secret; and 

12 sending a message from the first station to the second station carrying an 
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13 authentication signal indicating success or failure of mutual authentication 

14 and establishment of the encryption key, said authentication signal being 

15 encrypted using one of said intermediate data random keys from a 

16 previous exchange. 

1 26. A data processing apparatus, comprising: 

2 a processor, a communication interface adapted for connection to a 

3 communication medium, and memory storing instructions for execution by the data 

4 processor, the instructions including 

5 logic to receive a request via the communication interface for initiation of a 

6 communication session between a first station and a second station; 

7 logic to provide ephemeral encryption keys at the first station; and 

8 logic to execute after receiving said request, a plurality of exchanges of messages 

9 across said communication medium to mutually authenticate the first station and the 

10 second station and to provide one of said ephemeral encryption keys to the second station 

1 1 for use in said communication session. 

1 27. The apparatus of claim 26, wherein during said plurality of exchanges, said 

2 instructions include logic requiring the first and second stations to use at least two shared 

3 secrets without exchanging messages carrying said shared secrets via the communication 

4 medium. 

1 28. The apparatus of claim 26, said instructions include logic for mutual 

2 authentication based on at least two shared secrets without exchanging messages carrying 

3 said shared secrets via the communication medium. 

1 29. The apparatus of claim 26, wherein said plurality of exchanges comprise 

2 interactive exchanges, said interactive exchanges including a message from the first 

3 station to the second station and a responsive message from the second station to the first 

4 station, where the responsive message comprises information from the message from the 

5 first station derived using information derived from a message in a previous exchange. 
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1 30. The apparatus of claim 26, wherein said logic to provide ephemeral encryption 

2 keys at the first station includes: 

3 logic that assigns a session random key in said first station, in response to a 

4 request received during a session random key initiation interval for use in a first exchange 

5 of said plurality of exchanges; 

6 logic that associates, in said first station, a plurality of intermediate data random 

7 keys with said request for use in said plurality of exchanges; and 

8 wherein said plurality of exchanges includes at least one message carrying an 

9 encrypted version of one of said plurality of intermediate data random keys to be 
10 accepted as said encryption key upon said mutual authentication. 

1 31. The apparatus of claim 26, wherein said logic to provide ephemeral encryption 

2 keys at the first station includes instructions: 

3 providing a buffer at the first station; 

4 generating keys and storing said keys in the buffer; 

5 associating respective session random key initiation intervals with said keys 

6 stored in said buffer; 

7 using keys from said buffer as session random keys in response to requests 

8 received by said first station during said respective session random key initiation intervals 

9 for use in a first exchange of said plurality of exchanges; 

10 removing keys from said buffer after expiry of the respective session random key 

1 1 lifetime in the buffer. 

1 32. The apparatus of claim 3 1 , wherein said buffer is managed as a circular buffer. 

1 33. The apparatus of claim 3 1 , wherein a session random key lifetime in the buffer for 

2 said plurality of exchanges has a value within which the plurality of exchanges can be 

3 completed in expected circumstances, and said keys are removed from said buffer after a 

4 multiple M times said value session random key lifetime to engage into establishing a 

5 communication session, where M is less than or equal to 10. 
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1 34. The apparatus of claim 3 1 , wherein a session random key lifetime in the buffer for 

2 said plurality of exchanges has a value within which the plurality of exchanges can be 

3 completed in expected circumstances, and said keys are removed from said buffer after a 

4 multiple M times said value session random key lifetime to engage into establishing a 

5 communication session, and the session random key lifetime to engage into establishing a 

6 communication session is less than about 90 second. 



1 35. The apparatus of claim 26, wherein said logic to provide ephemeral encryption 

2 keys at the first station includes instructions: 

3 assigning, in said first station, a session random key for use within a session 

4 random key initiation interval in response to requests received by said first station during 

5 said session random key initiation interval for use in a first exchange of said plurality of 

6 exchanges; 

7 associating, in said first station, a plurality of intermediate data random keys with 

8 said request for use in said plurality of exchanges; 

9 wherein said plurality of exchanges includes a first message from the first station 

10 carrying said session random key to the second station, where the second station returns a 

1 1 second message carrying a shared parameter encrypted using the session random key; and 

12 decrypting the shared parameter from said second message at the first station. 

1 36. The apparatus of claim 26, wherein said logic to provide ephemeral encryption 

2 keys at the first station includes instructions: 

3 assigning, in said first station, a session random key for use within a session 

4 random key initiation interval in response to requests received by said first station during 

5 said session random key initiation interval for use in a first exchange of said plurality of 

6 exchanges; 

7 associating, in said first station, a plurality of intermediate data random keys with 

8 said request for use in said plurality of exchanges; 

9 wherein said plurality of exchanges includes 

10 a first exchange including sending a first message from the first station carrying 
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said session random key to the second station, where the second station 
returns a second message carrying a shared parameter encrypted using the 
session random key, and decrypting the shared parameter at the first 
station to validate the second station; and 
a second exchange including sending a further message from the first station to 
the second station, the further message carrying a particular data random 
key from said plurality of intermediate data random keys encrypted using 
the session random key, where the second station returns another message 
carrying a hashed version of said particular data random key encrypted 
using said particular encryption key to the first station, and decrypting said 
hashed version of said particular data random key at the first station using 
said particular data random key. 

37. The apparatus of claim 26, wherein said logic to provide ephemeral encryption 
keys at the first station includes instructions: 

assigning, in said first station, a session random key for use within a session 
random key initiation interval in response to requests received by said first station during 
said session random key initiation interval for use in a first exchange of said plurality of 
exchanges; 

associating, in said first station, a plurality of intermediate data random keys with 
said request for use in said plurality of exchanges; and 

after said request for initiation of a communication session, presenting to the 
second station a user interface along with the session random key, said user interface 
including a prompt for entry of a shared parameter and at least one shared secret. 

38. The apparatus of claim 26, wherein said logic to provide ephemeral encryption 
keys at the first station includes instructions: 

assigning, in said first station, a session random key for use within a session 
random key initiation interval in response to requests received by said first station during 
said session random key initiation interval for use in a first exchange of said plurality of 
exchanges; 
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7 associating, in said first station, a plurality of intermediate data random keys with 

8 said request for use in said plurality of exchanges; and 

9 after said request for initiation of a communication session, presenting to the 

10 second station a user interface along with the session random key, said user interface 

1 1 including a prompt for entry of a shared parameter and at least two shared secrets. 

1 39. The apparatus of claim 26, wherein said logic to provide ephemeral encryption 

2 keys at the first station includes instructions: 

3 assigning, in said first station, a session random key for use within a session 

4 random key initiation interval in response to requests received by said first station during 

5 said session random key initiation interval for use in a first exchange of said plurality of 

6 exchanges; 

7 associating, in said first station, a plurality of intermediate data random keys with 

8 said request for use in said plurality of exchanges; 

9 wherein said plurality of exchanges includes 

10 a first exchange including sending a first message from the first station carrying 

1 1 said session random key to the second station, where the second station 

12 returns a second message carrying a shared parameter encrypted using the 

13 session random key, and decrypting the shared parameter at the first 

14 station; and 

15 a second exchange including sending a third message from the first station to the 

16 second station, the third message carrying a particular data random key 

17 from said plurality of intermediate data random keys encrypted using the 

18 session random key, where the second station returns a fourth message 

19 carrying a hashed version of said particular data random key encrypted 

20 using said particular data random key to the first station, and decrypting 

21 said hashed version of said particular data random key at the first station 

22 using said particular data random key; 

23 and then executing at least one additional exchange in said plurality of exchanges, 

24 where 
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25 said at least one additional exchange includes sending an additional message from 

26 the first station to the second station carrying a next data random key from 

27 the plurality of intermediate data random keys associated with said 

28 request, encrypted using a key exchanged during a previously completed 

29 exchange in said plurality of exchanges, where the second station decrypts 

30 said next data random key and returns a responsive message carrying a 

3 1 hashed version of said next data random key encrypted using said next 

32 data random key, and decrypting at the first station said hashed version of 

33 said next data random key using said next data random key. 

1 40. The apparatus of claim 39, including logic executing during at least one of said 

2 additional exchanges, including instructions 

3 producing said third message by first veiling the particular data random key using 



4 a first conversion array seeded by a first shared secret and encrypting the veiled particular 

5 data random key, where the second station decrypts and unveils said particular data 

6 random key using the first shared secret, and where the second station produces said 

7 fourth message by veiling the hashed version of the particular data random key using a 

8 second conversion array seeded by said first shared secret and encrypting the veiled 

9 hashed version of the next data random key; and 

10 decrypting and unveiling the hashed version of the particular data random key at 

1 1 the first station. 

1 41 . The apparatus of claim 39, including logic executing more than one of said 

2 additional exchanges. 

1 42. The apparatus of claim 39, including logic executing during at least one of said 

2 additional exchanges, including instructions 

3 producing said additional message by first veiling the next data random key using 

4 a first conversion array seeded by a shared secret and encrypting the veiled next data 

5 random key, where the second station decrypts and unveils said next data random key 

6 using the shared secret, and 
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7 where the second station produces said responsive message by veiling the hashed version 

8 of the next data random key using a second conversion array seeded by said shared secret 

9 and encrypting the veiled hashed version of the next data random key; and 

10 decrypting and unveiling the hashed version of the next data random key at the 

1 1 first station. 

1 43. The apparatus of claim 42, where the one of the first and second conversion 

2 arrays comprises X sections, each of said X sections including Y byte positions in an 

3 order, and including instructions 

4 generating one of the first and second conversion arrays using a random number 

5 generator seeded by said shared secret to produce a pseudorandom number having X 

6 values corresponding with respective sections of said X sections, the X values each being 

7 between 1 and Y and identifying one of said Y byte positions, and 

8 placing a byte of said random key in each of said X sections at the one of said Y 

9 byte positions identified by the corresponding one of said X values. 

1 44. The apparatus of claim 42, where the one of the first and second conversion 

2 arrays comprises X sections, each of said X sections including Z bit positions in an order, 

3 and including instructions 

4 generating one of the first and second conversion arrays using a random number 

5 generator seeded by said shared secret to produce a pseudorandom number having X 

6 values corresponding with respective sections of said X sections, the X values each being 

7 between 1 and Z and identifying one of said Z bit positions, and 

8 placing a bit of said random key in each of said X sections at the one of said Z bit 

9 positions identified by the corresponding one of said X values. 

1 45. The apparatus of claim 42, where the one of the first and second conversion 

2 arrays comprises X sections, each of said X sections including Y byte positions in an 

3 order, each of said Y byte positions including B bit positions in an order, and including 

4 instructions 
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5 generating one of the first and second conversion arrays using a random number 

6 generator seeded by said shared secret to produce a first pseudorandom number having X 

7 values corresponding with respective sections of said X sections, the X values each being 

8 between 1 and Y and identifying one of said Y byte positions, 

9 using a random number generator seeded by said shared secret to produce a 

10 second pseudorandom number having B values corresponding with respective bits in a 

1 1 byte of said random key, the B values each being between 1 and B and identifying one of 

12 said B bit positions, 

13 placing a byte, including B bits, of said random key in each of said X sections at 

14 the one of said Y byte positions identified by the corresponding one of said X values, and 

15 mapping the B bits of said byte of said random key to said B bit positions 

16 identified by the corresponding one of said B values. 

1 46. The apparatus of claim 42, where the one of the first and second conversion 

2 arrays comprises X sections, each of said X sections including Y byte positions in an 

3 order, each of said Y byte positions including B bit positions in an order, and including 

4 instructions 

5 generating one of the first and second conversion arrays using a random number 

6 generator seeded by said shared secret to produce a first pseudorandom number having X 

7 values corresponding with respective sections of said X sections, the X values each being 

8 between 1 and Y and identifying one of said Y byte positions, 

9 using a random number generator to produce a second pseudorandom number 

10 having B values corresponding with respective bits in a byte of said random key, the B 

1 1 values each being between 1 and B and identifying one of said B bit positions, 

12 placing a byte, including B bits, of said random key in each of said X sections at 

13 the one of said Y byte positions identified by the corresponding one of said X values, and 

14 mapping the B bits of said byte of said random key to said B bit positions 

15 identified by the corresponding one of said B values. 

1 47. The apparatus of claim 42, including upon request for initiation of a 

2 communication session, logic to present to the second station a user interface for 
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3 initiation of an authentication session including a compiled version of the session random 

4 key and parameters for one or more conversion arrays, said user interface including a 

5 prompt for entry of the shared parameter, and at least said shared secret. 

1 48. The apparatus of claim 40, including upon request for initiation of a 

2 communication session, logic to present to the second station a user interface for 

3 initiation of an authentication session including a compiled version of the session random 

4 key and parameters for one or more conversion arrays, said user interface including a 

5 prompt for entry of the shared parameter, and at least said shared secret. 



1 49. The apparatus of claim 39, including logic executing a further exchange including 

2 instructions 

3 sending a message from the first station to the second station carrying said 

4 encryption key encrypted using a first shared secret to the second station, 

5 where the second station returns a message carrying a hashed version of 

6 said encryption key encrypted using said first shared secret, and 

7 decrypting said encryption key at the first station; 

8 sending a message from the first station to the second station carrying said 

9 encryption key encrypted using a second shared secret, where the second 

10 station decrypts said encryption key, and returns a message to the first 

1 1 station carrying a hashed version of the encryption key encrypted using 

12 said second shared secret. 

1 50. The apparatus of claim 39, including logic executing a further exchange including 

2 instructions 

3 sending a message from the first station to the second station carrying said 

4 encryption key encrypted using a first shared secret to the second station, 

5 where the second station returns a message carrying a hashed version of 

6 said encryption key encrypted using said first shared secret, and 

7 decrypting said encryption key at the first station; 



o 
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8 sending a message from the first station to the second station carrying said 

9 encryption key encrypted using a second shared secret, where the second 

10 station decrypts said encryption key, and returns a message to the first 

1 1 station carrying a hashed version of the encryption key encrypted using 

12 said second shared secret; and 

13 sending a message from the first station to the second station carrying an 

14 authentication signal indicating success or failure of mutual authentication 

15 and establishment of the encryption key, said authentication signal being 

16 encrypted using one of said intermediate data random keys from a 

17 previous exchange. 

1 51. An article, comprising : 

2 machine readable data storage medium having computer program instructions 

3 stored therein for establishing a communication session on a communication medium 

4 between a first data processing station and a second data processing station having access 

5 to the communication medium, said instructions comprising: 

6 logic to receive a request via the communication interface for initiation of a 

7 communication session between the first station and the second station; 

8 logic to provide ephemeral encryption keys at the first station; and 

9 logic to execute after receiving said request, a plurality of exchanges of messages 

10 across said communication medium to mutually authenticate the first station and the 

1 1 second station and to provide one of said ephemeral encryption keys to the second station 

12 for use in said communication session. 

1 52. The article of claim 5 1 , wherein during said plurality of exchanges, said 

2 instructions include logic requiring the first and second stations to use at least two shared 

3 secrets without exchanging messages carrying said shared secrets via the communication 

4 medium. 

1 53 . The article of claim 5 1 , said instructions include logic for mutual authentication 

2 based on at least two shared secrets without exchanging messages carrying said shared 
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3 secrets via the communication medium. 

1 54. The article of claim 5 1 , wherein said plurality of exchanges comprise interactive 

2 exchanges, said interactive exchanges including a message from the first station to the 

3 second station and a responsive message from the second station to the first station, 

4 where the responsive message comprises information from the message from the first 

5 station derived using information derived from a message in a previous exchange. 

1 55. The article of claim 5 1 , wherein said logic to provide ephemeral encryption keys 

2 at the first station includes: 

3 logic that assigns a session random key in said first station, in response to a 

4 request received during a session random key initiation interval for use in a first exchange 

5 of said plurality of exchanges; 

6 logic that associates, in said first station, a plurality of intermediate data random 

7 keys with said request for use in said plurality of exchanges; and 

8 wherein said plurality of exchanges includes at least one message carrying an 

9 encrypted version of one of said plurality of intermediate data random keys to be 
10 accepted as said encryption key upon said mutual authentication. 

1 56. The article of claim 5 1 , wherein said logic to provide ephemeral encryption keys 

2 at the first station includes instructions: 

3 providing a buffer at the first station; 

4 generating keys and storing said keys in the buffer; 

5 associating respective session random key initiation intervals with said keys 

6 stored in said buffer; 

7 using keys from said buffer as session random keys in response to requests 

8 received by said first station during said respective session random key initiation intervals 

9 for use in a first exchange of said plurality of exchanges; 

10 removing keys from said buffer after expiry of the respective session random key 

1 1 lifetimes in the buffer. 
1 
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1 57. The article of claim 56, wherein said buffer is managed as a circular buffer. 

1 58. The article of claim 56, wherein a session random key lifetime in the buffer for 

2 said plurality of exchanges has a value within which the plurality of exchanges can be 

3 completed in expected circumstances, and said keys are removed from said buffer after a 

4 multiple M times said value of session random key lifetime to engage into establishing a 

5 communication session, where M is less than or equal to 10. 

1 59. The article of claim 56, wherein a session random key lifetime in the buffer for 

2 said plurality of exchanges has a value within which the plurality of exchanges can be 

3 completed in expected circumstances, and said keys are removed from said buffer after a 

4 multiple M times said value, and the session random key lifetime to engage into 

5 establishing a communication session is less than about 90 seconds. 

1 60. The article of claim 5 1 , wherein said logic to provide ephemeral encryption keys 

2 at the first station includes instructions: 

3 assigning, in said first station, a session random key for use within a session 

4 random key initiation interval in response to requests received by said first station during 

5 said session random key initiation interval for use in a first exchange of said plurality of 

6 exchanges; 

7 associating, in said first station, a plurality of intermediate data random keys with 

8 said request for use in said plurality of exchanges; 

9 wherein said plurality of exchanges includes a first message from the first station 

10 carrying said session random key to the second station, where the second station returns a 

1 1 second message carrying a shared parameter encrypted using the session random key; and 

12 decrypting the shared parameter from said second message at the first station. 

1 61. The article of claim 5 1 , wherein said logic to provide ephemeral encryption keys 

2 at the first station includes instructions: 

3 assigning, in said first station, a session random key for use within a session 

4 random key initiation interval in response to requests received by said first station during 
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5 said session random key initiation interval for use in a first exchange of said plurality of 

6 exchanges; 

7 associating, in said first station, a plurality of intermediate data random keys with 

8 said request for use in said plurality of exchanges; 

9 wherein said plurality of exchanges includes 

10 a first exchange including sending a first message from the first station carrying 

1 1 said session random key to the second station, where the second station 

12 returns a second message carrying a shared parameter encrypted using the 

13 session random key, and decrypting the shared parameter at the first 

14 station to validate the second station; and 

15 a second exchange including sending a further message from the first station to 

16 the second station, the further message carrying a particular data random 

17 key from said plurality of intermediate data random keys encrypted using 

18 the session random key, where the second station returns another message 

19 carrying a hashed version of said particular data random key encrypted 

20 using said particular encryption key to the first station, and decrypting said 

21 hashed version of said particular data random key at the first station using 

22 said particular data random key. 

1 62. The article of claim 5 1 , wherein said logic to provide ephemeral encryption keys 

2 at the first station includes instructions: 

3 assigning, in said first station, a session random key for use within a session 

4 random key initiation interval in response to requests received by said first station during 

5 said session random key initiation interval for use in a first exchange of said plurality of 

6 exchanges; 

7 associating, in said first station, a plurality of intermediate data random keys with 

8 said request for use in said plurality of exchanges; and 

9 after said request for initiation of a communication session, presenting to the 

10 second station a user interface along with the session random key, said user interface 

1 1 including a prompt for entry of a shared parameter and at least one shared secret. 
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1 63. The article of claim 5 1 , wherein said logic to provide ephemeral encryption keys 

2 at the first station includes instructions: 

3 assigning, in said first station, a session random key for use within a session 

4 random key initiation interval in response to requests received by said first station during 

5 said session random key initiation interval for use in a first exchange of said plurality of 

6 exchanges; 

7 associating, in said first station, a plurality of intermediate data random keys with 

8 said request for use in said plurality of exchanges; and 

9 after said request for initiation of a communication session, presenting to the 

10 second station a user interface along with the session random key, said user interface 

1 1 including a prompt for entry of a shared parameter and at least two shared secrets. 

1 64. The article of claim 5 1 , wherein said logic to provide ephemeral encryption keys 

2 at the first station includes instructions: 

3 assigning, in said first station, a session random key for use within a session 

4 random key initiation interval in response to requests received by said first station during 

5 said session random key initiation interval for use in a first exchange of said plurality of 

6 exchanges; 

7 associating, in said first station, a plurality of intermediate data random keys with 

8 said request for use in said plurality of exchanges; 

9 wherein said plurality of exchanges includes 

10 a first exchange including sending a first message from the first station carrying 

1 1 said session random key to the second station, where the second station 

12 returns a second message carrying a shared parameter encrypted using the 

13 session random key, and decrypting the shared parameter at the first 

14 station; and 

15 a second exchange including sending a third message from the first station to the 

16 second station, the third message carrying a particular data random key 

17 from said plurality of intermediate data random keys encrypted using the 

18 session random key, where the second station returns a fourth message 

19 carrying a hashed version of said particular data random key encrypted 
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20 using said particular data random key to the first station, and decrypting 

2 1 said hashed version of said particular data random key at the first station 

22 using said particular data random key; 

23 and then executing at least one additional exchange in said plurality of exchanges, 

24 where 

25 said at least one additional exchange includes sending an additional message from 

26 the first station to the second station carrying a next data random key from 

27 the plurality of intermediate data random keys associated with said 

28 request, encrypted using a key exchanged during a previously completed 

29 exchange in said plurality of exchanges, where the second station decrypts 

30 said next data random key and returns a responsive message carrying a 

31 hashed version of said next data random key encrypted using said next 

32 data random key, and decrypting at the first station said hashed version of 

33 said next data random key using said next data random key. 

1 65. The article of claim 64, including logic executing during at least one of said 

2 additional exchanges, including instructions 

3 producing said third message by first veiling the particular data random key using 



4 a first conversion array seeded by a first shared secret and encrypting the veiled particular 

5 data random key, where the second station decrypts and unveils said particular data 

6 random key using the first shared secret, and where the second station produces said 

7 fourth message by veiling the hashed version of the particular data random key using a 

8 second conversion array seeded by said first shared secret and encrypting the veiled 

9 hashed version of the next data random key; and 

10 decrypting and unveiling the hashed version of the particular data random key at 

1 1 the first station. 

1 66. The article of claim 64, including logic executing more than one of said additional 

2 exchanges. 
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1 67. The article of claim 67, logic executing during at least one of said additional 

2 exchanges, including instructions 

3 producing said additional message by first veiling the next data random key using 

4 a first conversion array seeded by a shared secret and encrypting the veiled next data 

5 random key, where the second station decrypts and unveils said next data random key 

6 using the shared secret, and 

7 where the second station produces said responsive message by veiling the hashed version 

8 of the next data random key using a second conversion array seeded by said shared secret 

9 and encrypting the veiled hashed version of the next data random key; and 



10 decrypting and unveiling the hashed version of the next data random key at the 

1 1 first station. 

1 68. The article of claim 67, where the one of the first and second conversion arrays 

2 comprises X sections, each of said X sections including Y byte positions in an order, and 

3 including instructions 

4 generating one of the first and second conversion arrays using a random number 

5 generator seeded by said shared secret to produce a pseudorandom number having X 

6 values corresponding with respective sections of said X sections, the X values each being 

7 between 1 and Y and identifying one of said Y byte positions, and 

8 placing a byte of said random key in each of said X sections at the one of said Y 

9 byte positions identified by the corresponding one of said X values. 

1 69. The article of claim 67, where the one of the first and second conversion arrays 

2 comprises X sections, each of said X sections including Z bit positions in an order, and 

3 including instructions 

4 generating one of the first and second conversion arrays using a random number 

5 generator seeded by said shared secret to produce a pseudorandom number having X 

6 values corresponding with respective sections of said X sections, the X values each being 

7 between 1 and Z and identifying one of said Z bit positions, and 

8 placing a bit of said random key in each of said X sections at the one of said Z bit 

9 positions identified by the corresponding one of said X values. 
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1 70. The article of claim 68 5 where the one of the first and second conversion arrays 

2 comprises X sections, each of said X sections including Y byte positions in an order, each 

3 of said Y byte positions including B bit positions in an order, and including instructions 

4 generating one of the first and second conversion arrays using a random number 

5 generator seeded by said shared secret to produce a first pseudorandom number having X 

6 values corresponding with respective sections of said X sections, the X values each being 

7 between 1 and Y and identifying one of said Y byte positions, 

8 using a random number generator seeded by said shared secret to produce a 

9 second pseudorandom number having B values corresponding with respective bits in a 

10 byte of said random key, the B values each being between 1 and B and identifying one of 

1 1 said B bit positions, 

12 placing a byte, including B bits, of said random key in each of said X sections at 

13 the one of said Y byte positions identified by the corresponding one of said X values, and 

14 mapping the B bits of said byte of said random key to said B bit positions 

15 identified by the corresponding one of said B values. 

1 71 . The article of claim 67, where the one of the first and second conversion arrays 

2 comprises X sections, each of said X sections including Y byte positions in an order, each 

3 of said Y byte positions including B bit positions in an order, and including instructions 

4 generating one of the first and second conversion arrays using a random number 

5 generator seeded by said shared secret to produce a first pseudorandom number having X 

6 values corresponding with respective sections of said X sections, the X values each being 

7 between 1 and Y and identifying one of said Y byte positions, 

8 using a random number generator to produce a second pseudorandom number 

9 having B values corresponding with respective bits in a byte of said random key, the B 

10 values each being between 1 and B and identifying one of said B bit positions, 

1 1 placing a byte, including B bits, of said random key in each of said X sections at 

12 the one of said Y byte positions identified by the corresponding one of said X values, and 

13 mapping the B bits of said byte of said random key to said B bit positions 

14 identified by the corresponding one of said B values. 
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1 72. The article of claim 67, including upon request for initiation of a communication 

2 session, logic to present to the second station a user interface for initiation of an 

3 authentication session including a compiled version of the session random key and 

4 parameters for one or more conversion arrays, said user interface including a prompt for 

5 entry of the shared parameter, and at least said shared secret. 

1 73. The article of claim 65, including upon request for initiation of a communication 

2 session, logic to present to the second station a user interface for initiation of an 

3 authentication session including a compiled version of the session random key and 

4 parameters for one or more conversion arrays, said user interface including a prompt for 

5 entry of the shared parameter, and at least said shared secret. 

1 74. The article of claim 64, including logic executing a further exchange including 

2 instructions 

3 sending a message from the first station to the second station carrying said 

4 encryption key encrypted using a first shared secret to the second station, 

5 where the second station returns a message carrying a hashed version of 

6 said encryption key encrypted using said first shared secret, and 

7 decrypting said encryption key at the first station; 

8 sending a message from the first station to the second station carrying said 

9 encryption key encrypted using a second shared secret, where the second 

10 station decrypts said encryption key, and returns a message to the first 

1 1 station carrying a hashed version of the encryption key encrypted using 

12 said second shared secret. 

1 75. The article of claim 64, including logic executing a further exchange including 

2 instructions 

3 sending a message from the first station to the second station carrying said 

4 encryption key encrypted using a first shared secret to the second station, 

5 where the second station returns a message carrying a hashed version of 
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6 said encryption key encrypted using said first shared secret, and 

7 decrypting said encryption key at the first station; 

8 sending a message from the first station to the second station carrying said 

9 encryption key encrypted using a second shared secret, where the second 

10 station decrypts said encryption key, and returns a message to the first 

1 1 station carrying a hashed version of the encryption key encrypted using 

12 said second shared secret; and 

13 sending a message from the first station to the second station carrying an 



14 authentication signal indicating success or failure of mutual authentication and 

15 establishment of the encryption key, said authentication signal being encrypted using one 

16 of said intermediate data random keys from a previous exchange. 
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